Remove Account Creation Privilege For Imported Keymanager #7555
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov Report
@@ Coverage Diff @@
## master #7555 +/- ##
==========================================
- Coverage 61.74% 61.62% -0.13%
==========================================
Files 424 424
Lines 29884 29837 -47
==========================================
- Hits 18452 18387 -65
- Misses 8473 8496 +23
+ Partials 2959 2954 -5 |
rkapka
reviewed
Oct 17, 2020
Comment on lines
55
to
+58
| case keymanager.Remote: | ||
| return errors.New("cannot create a new account for a remote keymanager") | ||
| case keymanager.Imported: | ||
| km, ok := km.(*imported.Keymanager) | ||
| if !ok { | ||
| return errors.New("not a imported keymanager") | ||
| } | ||
| // Create a new validator account using the specified keymanager. | ||
| if _, _, err := km.CreateAccount(ctx); err != nil { | ||
| return errors.Wrap(err, "could not create account in wallet") | ||
| } | ||
| return errors.New("cannot create a new account for an imported wallet") |
There was a problem hiding this comment.
Inconsistent naming: keymanager vs wallet
I have been thinking about it a few times while looking at accounts' code. Is our use of keymanager/wallet while interacting with the user unambiguous throughout the whole package?
validator/rpc/accounts.go
Outdated
Comment on lines
34
to
39
| if s.wallet.KeymanagerKind() != keymanager.Derived { | ||
| return nil, status.Error(codes.InvalidArgument, "Only HD wallets can create accounts") | ||
| } | ||
| km, ok := s.keymanager.(*derived.Keymanager) | ||
| if !ok { | ||
| return nil, status.Error(codes.InvalidArgument, "Not a derived keymanager") |
There was a problem hiding this comment.
Are both checks necessary? Is it possible for s.wallet.KeymanagerKind() to be different than s.keymanager?
rkapka
approved these changes
Oct 19, 2020
|
@rauljordan Hmm, this part of the documentation needs to be updated https://docs.prylabs.network/docs/wallet/nondeterministic/#wallet-creation |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Part of #7515
As of beta.0, imported keymanagers cannot create new accounts for security reasons. It is better for a user to create their accounts elsewhere using an HD wallet if possible and the import those keystores as needed into Prysm